Never reinstall your XP again Tired of your unstable and crashing PC? Looking for a permanent solution for your dysfunctional XP? Don't compromise — get our new, state-of-the-art technology. Reimage requires no set-up and causes no loss of data or applications. This is the ultimate professional repair tool, which works like "magic," according to eWeek. Get a free Reimage PC booster with every scan. Try it now! Reimage

Try Snagit for screen capture free If you see it, you can Snagit. Capture any size image your PC can handle in a snap, and share it just as fast. From something small to an entire page that scrolls, Snagit has you covered. Grab exactly what you want, when you want it, every time. Try it for free! Snagit

Optimize your PC by updating your BIOS Do you want to improve the performance of your PC? Phoenix Technologies' new BIOSAgentPlus is a program that will scan your PC and match the correct BIOS and specific driver updates you need on any desktop or laptop. Scan today for a free report! BIOSAgentPlus

See your ad here

By Scott Spanbauer

Windows XP and Vista have started installing updates at shutdown, in certain cases, without displaying a warning or requesting permission, according to reports by several readers.

The forced-install behavior has been witnessed at least three times by Windows Secrets editors, but Microsoft says its procedure for Automatic Updates hasn't changed in the last 10 months.

The behavior seems to occur only if a Windows user has Automatic Updates configured to "download updates but don't install them" or "notify me but don't install them." If updates are scheduled to occur automatically, with no notice to users, the silent installation of updates would be expected.

Most Windows patches are desirable and have few unwanted side effects. A few updates, however, are known to disable or conflict with other software. For this reason, many individuals and companies require that all upgrades be researched or tested before anything is installed.

Numerous conflicts have caused users to take a cautious approach to updates. For example, WS contributing editor Susan Bradley reported in her July 10, 2008, column (paid content) that Microsoft patch MS08-037 completely disabled the Internet connection of machines that use the ZoneAlarm firewall. Many users can't afford this kind of interruption of service and prefer to study each update before approving its installation.

Delaying the acceptance of Windows patches allows you to gauge the risk of each individual update. It buys you time to read — in Susan's articles, for example — about any problems that early adopters have reported with specific patches.

The forced-install behavior, in which Windows applies updates at shutdown time without requesting approval, is a concern to people who need to control the patch process. Normally, configuring Automatic Updates not to install patches without approval causes Windows to merely check for updates rated "Important" or "Recommended" whenever the computer is connected to the Internet (optionally downloading the patches for later installation).

Once Windows determines that patches are available, the operating system normally displays an icon in the taskbar's notification area, alerting you that updates are awaiting your review and approval. (The icon is yellow in XP, blue in Vista, as shown in Figure 1.) When the forced-install situation occurs, however, this icon never appears and users receive no prompt that updates are queued for installation.


Figure 1. Notifications to users, including Windows' new-updates icon (at left in this image), fail to appear if a forced-update situation has occurred.

Worst of all, when a user initiates a shut-down or reboot process in this situation, all pending updates are installed immediately, ignoring the user's "don't install" setting.

Why 'surprise installs' may recently have begun

One theory to explain the forced installs is that the large number of patches Microsoft released on June 9 overwhelmed the Redmond company's download servers. Ten separate security bulletins, some including numerous versions of patches, were announced that day — an unusually high number.

The extra demand may have caused some downloads to be incomplete. Incomplete downloads are known to disable the notification icon and possibly the approval dialog that's supposed to appear during shutdown.

Microsoft described in Knowledge Base article 910340 on Dec. 5, 2007, how an incomplete patch download can prevent the notification icon from appearing.

The document says: "During periods of heavy download traffic, the Automatic Updates service can reschedule download requests on a day-to-day basis.... The Automatic Updates service is designed to resume and complete the download as quickly as possible. Usually, the update will usually be downloaded and installed in several days."

This explanation is little consolation for Windows users who — due to company policy or any other reason — want to avoid installing the latest build of .NET Framework, Internet Explorer 8, or any other update that has known issues. If the forced-update bug strikes you, however, any updates that are in the queue will be installed without the opportunity for you to review them.

Microsoft has aroused scrutiny in the past for installing upgrades even though users have set Automatic Updates to "don't install." Windows Secrets was the first publication to report in a Sept. 13, 2007, article that Automatic Updates silently installs nine small executable files to upgrade itself, regardless of the AU setting.

In a follow-up story two weeks later, WS associate editor Scott Dunn reported problems caused by a silent AU upgrade that Microsoft began in July 2007. The new executable files prevented security patches from successfully installing on Windows XP if the Repair function of XP's install disc had been run.

Paul Pottorff, senior product manager of Windows Update, stated in an e-mail interview that no similar silent upgrade has been installed by Automatic Updates since August 2008. He explains that there's been no change to Windows' auto-update routine since then that would explain the recent reports of forced installs.

(Microsoft announced its August 2008 silent AU upgrade on July 3, 2008, and Scott Dunn analyzed the AU stealth patch in an article on Aug. 14, 2008.)

"The behavior we expect to see is for users to be notified about updates that are available for them to install," says Pottorff. "If there is only a throttled update, they shouldn't be notified. If there are any other available updates, they should be notified. The presence of a throttled update does not prevent Automatic Updates from notifying users about other not-throttled updates. Furthermore, this behavior has been the same for a long time and hasn't even been touched for more than 9 months."

At this point, I'm unable to make the behavior reproducible or demonstrate the exact conditions under which forced installs occur. Until a better explanation of the aberrant update behavior is provided, however, I'm calling it an unpatched bug.

How to prevent forced installs from occurring

To work around the possibility that Windows will install updates the next time you shut down or restart your PC, you need to understand the update options Windows offers. The update options in XP are:

• Automatic — automatically download recommended updates for my computer and install them.
  
• Download updates for me, but let me choose when to install them.
  
• Notify me but don't automatically download or install them.
  
• Turn off Automatic Updates.

• Install updates automatically.
  
• Download updates but let me choose whether to install them.
  
• Check for updates but let me choose whether to download and install them.
  
• Never check for updates.

Figure 2. Users who've selected one of the two "let me choose" options are reporting that Windows has forced updates onto their systems.

Choosing the first option, which installs updates without user intervention, is designed to refresh your system with the most-crucial security patches. However, many PC security experts (including Susan) recommend that advanced users choose the second or third option. Either alternative is supposed to give you the opportunity to research the latest updates before you apply them.

The forced-update problem doesn't appear to be rampant, but it can severely affect users whose systems are incompatible with certain updates.

If you consider it important to research patches before they're installed, one possible workaround involves selecting AU's option 2 or 3. Then, run Microsoft Update (a superset of Windows Update, both of which require IE) and specify every patch to be installed or not installed — every time you plan to shut down or reboot. Running Microsoft's updater should eliminate any queued downloads that might install unexpectedly.

You might think that you could eliminate forced updates by selecting Turn off Automatic Updates (in XP) or Never check for updates (in Vista). You would then check manually for updates at least once a month, using Microsoft Update or one of the third-party update services described in the WS Security Baseline.

Besides the headache of having to check manually for patches, however, a problem with disabling Automatic Updates is that Windows constantly nags you about it. A bold red "X" is repeatedly displayed, whether or not you're savvy enough to decide for yourself whether you wish to use Automatic Updates or a third-party patch checker. (See Figure 3.)


Figure 3. Disabling Automatic Updates, perhaps because you prefer to use a competing update checker instead, results in constant nag warnings from Windows.

Readers who have additional evidence about forced updates in XP or Vista should report the information using the Windows Secrets contact page.

Table of contents

Free CompTIA exam preparation For a limited time, ExamForce is offering Windows Secrets readers a free download of our popular CompTIA A+ exam prep. Includes both the CompTIA A+ Essentials and CompTIA A+ IT Technician. Hundreds of questions, answers, and detailed explanations. ExamForce CramMaster for CompTIA A+

See your ad here

• "Re: Scott Spanbauer's excellent summary of MS Office alternatives: I ordered this Vista Home Premium computer with MS Office 2007 Premium installed. I found that Word did not open usable versions of some previous Word documents (2000 and 2003), especially a six-panel mailable brochure (it scrambled and moved both graphics and text).
  
  "OpenOffice 2.4, however, opened it flawlessly and allowed accurate display, updating, and printing. Moral: OO handled older Word documents better than Office 2007 opened older .doc files. Also, OO opens the widely used .odt file, and version 3.1 even opens the obnoxious Office 2007 .docx while Office 2007 is just now discovering .odt. Also, OpenOffice has long given the option of saving as a PDF.
  

• "I switched to OpenOffice a few years back when Office 2K started fighting with other apps like Google Desktop. Even without any apps open, the computer would freeze for a couple of minutes on cut and paste activities. I asked MS about the issue and they told me to buy an upgrade.
  
  "I've used OpenOffice for fancy mail merges, complex spreadsheets, and a large book with a Master document, producing automated table of contents, index, and end notes. That did require using the ODF format, though.
  
  "The only issue I've had is with your suggestion to set file format defaults to MS Office formats. On three occasions, I've had large .xls format spreadsheets hiccup in OpenOffice and lose multiple tabs. Fortunately, I use FileHamster, which backs up on each save.
  
  "I've since migrated to using ODF format for spreadsheets and have found the files much smaller, faster, and completely reliable. I simply Save As Office formats or print to PDF when I share. Also, given my past experiences with not being able to open older MS file formats, I like the idea of using ODF as an archive format."
  

• "You spoke at great length about the high cost of Microsoft Office and the free alternatives. However, you failed to mention the low-cost Office version — Office Home and Student 2007 — which includes Word, PowerPoint, Excel, and OneNote.
  
  "This [version] can be found for $100 to $150 and can be installed on three PCs! You don't have to be a student to purchase this — no ID is asked for. I don't think that $33 to $50 per computer is a bad price for Office."
  

• "Yes, there are free alternatives to Office, but ...
  
  "(1) OOo is nowhere near up to the standard of Office. It's slow, buggy, and just plain ugly. (And, btw, I hate Office as a program due to the bloat and unintuitive interface in its most recent incarnation.)
  
  "(2) Online alternatives are sloooooooow even with a fast connection, particularly if you use any degree of complexity in a spreadsheet, etc. How like Earth people to find the worst possible way of doing something (for the user) and then make it sound like God's gift to mankind.
  
  "(3) An overlooked alternative is WordPerfect Suite (Corel), which, while not free, is generally more competitively priced and is and always has been a better product than Office."
  

• "I enjoyed Scott Spanbauer's article on alternatives to MS Office. I disagree with one of his suggestions, however — that folks standardize on MS Office file formats in OpenOffice.org. ...
  
  "I have many ebooks on my computer that were originally in MS .doc format; opening them in OpenOffice.org and saving them in Open Document Text (.odt — the OpenOffice.org default) resulted in saving about two-thirds of the disk space with no loss of content.
  
  "I've been using OpenOffice.org extensively for about three years now, both in Windows and Linux. Many of its capabilities surpass MS Office — for example, autonumbering works much better in OpenOffice.org and has been broken in every version of MS Office for at least a decade. (I worked for some years as a technical writer and had to wrestle with workarounds many times in MS Office).
  
  "Additionally, I haven't had to deal with Access databases, but this article by Solveig Haugland explains how to connect Access databases with OpenOffice Base.
  
  "However, there are also many articles online involving the use of Base as a front end for more-powerful databases such as MySQL or PostGresQL. That gives even more power and flexibility."
  

Table of contents

By Katy Abby Red herrings, plot twists, and cliffhangers are all part of the joy of losing yourself in a good movie or TV show. The story line weaves intricately through your mind, casting aside all outside thoughts and distractions as you breathlessly await the next revelation. So when some thoughtless cretin ruins the surprise with a careless comment, the results can be devastating. Fortunately, there's a group of folks who've dedicated their lives to silencing these "spoilers" once and for all. Take a look at this College Humor original short; after seeing how seriously these guys take their jobs, you'll never let the cat out of the bag again! Play the video

Table of contents

Your old drivers are slowing down your PC Driver Detective provides the most up-to-date drivers specific to your computer, including all major-brand OEMs (Dell, HP, Compaq, Toshiba, etc.) and generic brands. We access a database of over 9.2 million device-associated drivers — the largest driver update database on the Internet. Driver Detective saves you endless hours of work and aggravation normally associated with updating drivers. Driver Detective

Get your message seen by 400,000 readers Does your company offer a product or service? Now you can place an ad in the Windows Secrets Newsletter and be seen by more than 400,000 active buyers of PC hardware and software. Bid as much or as little as you like to get the ideal ad placement. Take advantage of our all-new design interface, allowing larger images and longer text, and get updated stats in real time! Windows Secrets Newsletter

See your ad here

TOP STORY By Scott Spanbauer Windows may install updates without asking Why "surprise installs" may recently have begun How to prevent forced installs from occurring KNOWN ISSUES By Dennis O'Reilly More good reasons to leave Office on the shelf Save money by choosing Office Home and Student Not everyone's a fan of OpenOffice.org WACKY WEB WEEK By Katy Abby Saving the world, one surprise ending at a time

	LANGALIST PLUS By Fred Langa Use ReadyBoost and pagefiles on flash drives? Pagefiles wear out flash devices in no time New custom-built PC hangs frequently A baffling problem with Acrobat updates Partition trouble causes incredible slowdowns
	PERIMETER SCAN By Ryan Russell Utilities help clear temp files, stymie Trojans The no-cost way to clear out temp files Playing "Where's Waldo?" with ZoneAlarm Free Another Trojan remover for your security kit
	PATCH WATCH By Susan Bradley The correct way to install Vista Service Pack 2 Don't be in a hurry to install Vista SP2 Version 3 makes iPhones much more secure Firefox and Chrome updates fix critical holes .NET patch finally gets a Firefox fix An Outlook/IE printing mystery solved

	There's no fixed fee! Contribute whatever it's worth to you Readers who make a financial contribution of any amount by July 1, 2009, will immediately receive the latest issue of our full, paid newsletter and 12 months of new paid content. Pay as much or as little as you like — we want as many people as possible to have this information.
	A portion of your support helps children in developing countries Each month, we send a full year of sponsorship to a different child. Your contributions in June are helping us to sponsor Julissa, an 8-year-old girl from El Salvador. Save the Children channels development aid from donors to Julissa and her community. We also sponsor kids through Plan USA and other respected agencies. More info

More info on how to upgrade

Table of contents

• Visit our Unsubscribe page.
  

Table of contents